It is exceedingly rare that a Chief Information Officer, Chief Technology Officer or Chief Risk Officer takes an active interest in the management of social media at their organization. It is, in fact, quite common that the CIO, CTO or CRO could not even name the company’s head of social media. That’s not only very sad – it’s insanely risky.
I have a couple of theories about why this situation exists at almost all large organizations doing social media at scale:
• CIOs, CTOs and CROs are simply unaware that social media management touches their space and that they should be concerned about it. As they say, ignorance is bliss!
• They are mildly aware, but as there are not a lot of people hopping up and down asking, “What are we doing about social media security?” it simply gets lost in the shuffle.
• They have fallen into the trap of thinking “the social media team handles social media.” Again, ignorance is bliss.
• Or, something else I am not smart enough to think of.
No matter the why, if the current state at your company is that the CIO, CTO or CRO has never even had a conversation with the social media team, it’s time to change that, ASAP. Not establishing that bridge and – more importantly – not building a solid working relationship between the two teams could result in your company being caught with its social media pants down. And that could impact all kinds of things, from your company’s reputation, brand equity, employee retention and even earnings. Have I got your attention yet?
If I had a chance to give these company officers a bit of a pre-read or a primer before our first meeting, here are the five things I’d like them to know. And before you think I’m being super harsh, let me say for the record that I believe most CIOs, CTOs and CROs are extremely smart, extremely forward-looking leaders. They just need some education in this particular area so they can help create the right solution. I don’t think they are unwilling or unable. I think they are unaware.
1. Identity management: Though most people don’t realize it, social media management is a huge exercise in identity management. Each person who needs access to a social media account is an identity. Each account and its password is an identity. Each Gmail account tied to a Youtube account is an identity. Each paid advertising account is an identity. Shall I go on? Now imagine keeping all of those identities straight, and also making sure that at any given time, each person involved only has access to the things that they need access to, with the right levels of permission. And then add in agency partners and their people. At a very large organization, there are likely hundreds of channels and hundreds of people, making it like the biggest Rubix Cube you can imagine. Just like there are permissions, controls and protocols for things like intranet access and emails, there should be identity management for social media. Most CIOs, CROs and CTOs simply just don’t know. But they will.
2. It can’t be managed with a helpdesk ticket: Having been the global head of social media for a major corporation, I have had about 20 different conversations about “why can’t the helpdesk just have a ticket for this?” And the short answer is that it’s way too complicated. The longer version is this: Imagine Joe is leaving the company. Joe has access to the company’s Facebook, Twitter, Instagram and LinkedIn account. We need to remove Joe’s access to the Facebook and LinkedIn accounts, which are managed directly through two different tools. We need to change the password on the Twitter and Instagram accounts, update our records, securely relay the new password to Joe’s remaining teammates and reestablish the connections for those accounts to our tools (the connection breaks when the password is changed). Then we need to follow the same process for any ad accounts Joe has access to, terminate his user profile in our management system and then do the whole thing in reverse, assuming we are onboarding a replacement for Joe. In addition to the complexity and number of systems involved, you also would not want hundreds of IT helpdesk people to have access to grant admin rights to your social media properties because they would have to be admins themselves, and that is definitely not safe or sustainable long-term. Not to mention they’d need a ton of training.
3. It requires expertise: In case it is not already apparent, managing this bizarre, interwoven network of tools, channels and platforms requires a deep level of expertise. Because nothing can ever be simple in Social Media Land, each social media network operates differently. On some networks, there are multiple levels of access and permission. On others, there is just one – you can either log in or you can’t. Some have dedicated tools to manage accounts. Others simply don’t. Some provide data feeds (called APIs). Others don’t. And, for bonus points, just when you get it all figured out, Facebook goes and redesigns its whole platform and everything changes. You really do need an expert in the space to manage these things. You need someone who is incredibly detail-oriented, and you need someone who understands the entire landscape because very often Change A has a cascading effect and suddenly you must also make Change B and Change C for things to still work. (This is yet another reason a helpdesk ticket is not the best solution.)
Caveat: OK so if a helpdesk ticket is not the right solution, what is? Guess what? It involves the helpdesk! The ideal solution to this always-present problem would be for there to be a dedicated resource or three to handle these types of workflows. It could be that it’s a couple of very trusted IT resources who are embedded with the social team. Or it could be members of the social team with a dotted line to IT. But that solution is more custom-tailored and very, very different than having a random helpdesk employee create a Zendesk ticket and try to solve the issue. To this day, I am not aware of a company that has gotten this right, largely because (ahem!) no one is having the right conversations.
4. Your social team doesn’t have the time: For CIOs, CROs and CTOs who fall into the trap of thinking “the social media team handles social media,” let me drop some knowledge on you. While every team in the company always says they need more resources, your social media team really needs more resources. Social is still in its infancy at most companies. It is still in the phase of “we don’t know what it takes to do it, so we’ll start with a super small team of one or two” at a lot of big companies. Even for companies that have full social media teams, it’s still extremely rare for them to be resourced appropriately. Social media teams are responsible for an astonishing array of responsibilities including (but not limited to): creating social media posts for each of your channels, managing comments on posts, managing direct messages, relaying issues to the appropriate departments throughout the company, getting approvals on content, managing a suite of tools, managing a host of agency partners, managing paid advertising and the creative assets and approvals for ads, managing compliance and regulatory requirements, training, teaching, stakeholder management, crisis management 24/7/365 and occasionally sleeping. User provisioning, identity management and governance quite honestly gets pushed to the back burner because it is less immediate. Many social media teams simply don’t have the time to focus on doing this well and securely. They know it’s a problem. But they can’t do anything about it with their current resources and demands. They could really use your help.
5. It requires partnership: The bottom line truth of the matter is this… your risk, IT and compliance folks do not have the social media expertise to do this. And your social media team does not have the expertise in risk, compliance or your IT infrastructure to do this alone. It is only by forging a true partnership and working together that you can arrive at a system that manages social media for your company in a safe, secure way while also being efficient and smart about how you do it. I know the social media teams at dozens of companies. I have yet to see one of them crack this nut completely. But it is truly my prediction that the companies that lean in now will benefit in a big way in the long run. Companies that ignore this until it is a problem will be too late and may pay a big price in the end.